12.6. Secured MongoDB

Warning

You are looking at documentation for an older release. Not what you want? See the current release documentation.

For a quick setup, the add-on by default uses a local and none-authorization connection. However, in production it is likely you will secure your MongoDB, so authorization is required. Below are steps to do this.

Note

Read MongoDB documentation for MongoDB security. This setup procedure is applied for MongoDB 3.2.

  1. Start MongoDB and connect to the shell to create a database named admin. Add a user with role userAdminAnyDatabase.

    $ mongo
    >use admin
    >db.createUser({user: "admin", pwd: "admin", roles: [{role: "userAdminAnyDatabase", db: "admin"}]})
    >exit
  2. Edit MongoDB configuration to turn on authentication, then restart the server.

    # mongodb.conf
    # Your MongoDB host.
    bind_ip = 192.168.1.81
    
    # The default MongoDB port
    port = 27017
    
    # Turn on authentication
    auth=true
  3. Create a user having readWrite role in the database chat (you can name the database as your desire).

    $ mongo -port 27017 -host 192.168.1.81 -u admin -p admin -authenticationDatabase admin
    >use chat
    >db.createUser({user: "exo", pwd: "exo", roles: [{role: "readWrite", db: "chat"}]})
    >exit
  4. Verify the authentication/authorization of the new user:

    $ mongo -port 27017 -host 192.168.1.81 -u exo -p exo -authenticationDatabase chat
    >use chat
    >db.placeholder.insert({description: "test"})
    >db.placeholder.find()
  5. Create a configuration file containing these below parameters.

    dbName=chat
    dbServerHost=192.168.1.81
    dbServerPort=27017
    dbAuthentication=true
    dbUser=exo
    dbPassword=exo

    Note

    The parameters above correspond with the values used during creating authorization for MongoDB.

Copyright ©. All rights reserved. eXo Platform SAS
blog comments powered byDisqus